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84. A method for flexible and secure transmission of digital content to an end user 
device, the method comprising: 

providing a control center for controlling access to the digital content by the end user 
device; 

transmitting scrambled digital content to a first end user device by a second end user 
device, such that said second end user device cannot play back said scrambled 
digital content; 

connecting said second end user device to said control center; and 

transmitting a permission message to said second end user device by said control center, 
such that said second end user device is able to unscramble said scrambled digital 
content to form unscrambled digital content. 

85. The method of claim 84, wherein transmitting said scrambled digital content 
includes: 

transmitting a first set of information for decoding said scrambled digital content to said 

second end user device; and 
permitting said second end user device to access said first set of information only if said 

permission message is given to said second end user device. 

86. The method of claim 85, wherein said first set of information is distributed with 
said scrambled digital content. 

87. The method of claim 85, wherein said first set of information is distributed by said 
control center, 

88. The method of claim 85, wherein transmitting said scrambled digital content 
includes contacting said control center by said second end user device to receive said permission 
message. 


89. The method of claim 85, wherein said first set of information includes an address 
of said control center. 

90. The method of claim 85, wherein said first set of information enables said 
unscrambled digital content to be permanently stored by said second end user device. 

91 . The method of claim 85, wherein said first set of information enables said 
unscrambled digital content to be permanently stored by said second end user device. 

92. The method of claim 84, wherein said first and said second end user devices 
belong to a group of a plurality of end user devices, such that said permission message is sent to 
each end user device belonging to said group. 

93. The method of claim 92, wherein membership in said group is at least partially 
determined according to communication between said end user devices. 

94. The method of claim 93, wherein transmitting said permission message fiirther 
comprises transmitting a token fi-om said first end user device to said second end user device, for 
including said first and said second end user devices in said group. 

95 . The method of claim 94, wherein transmitting said token is performed repeatedly 
for the plurality of end user devices in the group until a Umit is reached. 

96. The method of claim 95, wherein said limit is determined according to a number 
of end user devices in the group, such that if said number of end user devices exceeds a 
maximum permitted number, transmitting said scrambled digital content and transmitting said 
permission message are not performed for an additional end user device. 

97. The method of claim 96, wherein said limit is determined according to at least one 
reasonableness rule. 


98. The method of claim 95, wherein said Umit is determined according to at least 
reasonableness rule and wherein said at least one reasonableness rule restricts a number of 


copies of said scrambled digital content operable with said token. 

99. The method of claim 98, wherein when said limit is reached, at least one of 
transmitting said scrambled digital content and transmitting said permission message is not 
performed. 

100. The method of claim 98, wherein said at least one reasonableness rule requires 
at least said first end user device to wait for a predetermined period before transferring said 
scrambled digital content to an additional end user device in the group. 

101 . The method of claim 98, wherein said at least one reasonableness rule requires 
said second end user device to wait for a predetermined period before transferring said 
scrambled digital content to an additional end user device in the group, said predetermined 
period being greater for said second end user device than for said first end user device. 

1 02. The method of claim 98, wherein said period is at least partially determined 
according to a period of time. 

103 . The method of claim 98, wherein said period is at least partially determined 
according to operation of said end user device a minimum number of times. 

104. The method of claim 92, wherein membership in said group is at least partially 
determined according to said control center, such that if said group has more than a 
predetermined number of end user devices as members, said control center blocks receipt of 
said permission message by members of said group. 

105. A method for securing digital content for transmission to an end user device, 
comprising: 

providing a control center for controlling access to the digital content by the end user 
device; 

transmitting scrambled digital content to the end user device, such that the end user 

device cannot play back said scrambled digital content; 
transmitting a PECM (personal ECM) to the end user device by said control center, said 


PECM being specific to the end user device; and 
unscrambling said scrambled digital content by the end user device according to said 
PECM. 

106. The method of claim 105, v^herein transmitting said PECM further comprises: 
transmitting a first set of information in an ECM (entitlement control message) for 

decoding said scrambled digital content to the end user device; 
permitting the end user device to access said first set of information only if an entitlement 

management message (EMM) is given to the end user device and said EMM 

indicates that the end user device is permitted to use said ECM; and 
unscrambling said scrambled digital content by the end user device according to said first 

set of information. 


107. The method of claim 106, wherein said EMM is transmitted by said control center. 


1 08. The method of claim 1 06, further comprising: 

replacing said ECM with said PECM for unscrambling said scrambled digital content by 
the end user device. 


109. The method of claim 106, wherein said first set of information includes at least one 
instruction for generating a code word, such that permitting the end user device to access said 
first set of information includes: 

generating said code word according to said at least one instruction; and 
unscrambling said scrambled digital content according to said code word. 

110. The method of claim 1 05, further comprising: 

permanently associating said PECM with said scrambled digital content to permit 
unscrambling of said scrambled digital content by the end user device. 

111. The method of claim 110, further comprising: 

transmitting said scrambled digital content with said ECM from a first end user device to 

a second end user device; 
receiving a specific PECM by said second end user device from said control center; and 


unscrambling said scrambled digital content by said second end user device only after 
receiving said specific PECM. 

112. The method of claim 111, v^herein receiving said specific PECM by said second 
end user device includes: 

transmitting payment to said control center; and 

transmitting said PECM by said control center only after receiving payment. 

113. A system for securing digital content for transmission, comprising: 

(a) an end user device for receiving scrambled digital content and for unscrambling 
said scrambled digital content for playing back the digital content; 

(b) a broadcast unit for transmitting said scrambled digital content to said end user 
device; 

(c) a permission message generator for generating a permission message for 
transmission to said end user device, such that said end user device unscrambles 
said scrambled digital content only after said permission message is at least 
received by said end user device, said permission message being specific for said 
end user device; and 

(d) a subscription management system for controlling said permission message 
generator to determine whether said permission message is generated. 

1 14. The system of claim 113, fiirther comprising: 

(e) a network for connecting said end user device, said broadcast unit, said pemission 
message generator and said subscription management system. 


115. The system of claim 113, wherein said permission message generator sends said 
permission message to said subscription management system, and said subscription management 
system transmits said permission message to said end user device. 


116. The system of claim 113, wherein said permission message generator fiirther 
comprises: 

(i) an ECM (entitlement control message) generator for generating an ECM, said 
ECM forming a portion of said permission message; and 


(ii) a PECM (personalized ECM) generator for generating a PECM, said PECM being 
specific to said end user device, said PECM forming another portion of said 
permission message. 

117. The system of claim 116, wherein said end user device fiuther comprises a 
security module for receiving said ECM and said PECM, and for unscrambling said scrambled 
digital content for playing back the digital content upon receipt of at least one of said ECM and 
said PECM. 

118. The system of claim 117, wherein said security module further comprises a 
renewable security submodule, said renewable security submodule being removable and 
replaceable. 

119. The system of claim 118, wherein said renewable security submodule comprises a 
smartcard. 

120. The system of claim 117, wherein said security module features a limited number 
of slots for being associated with a pliirality of ECMs, such that if said limited number of slots 
are used, a PECM corresponding to at least one stored ECM must be received before an 
additional ECM is received by said end user device. 

121. The system of claim 120, wherein information concerning said slots is stored on 
said security module. 

122. The system of claim 119, further comprising a smartcard reader for reading said 
smartcard, said smartcard reader being separate jfrom said end user device, such that data 
produced by said smartcard is readable by said smartcard reader, including data resulting from 
said slots, said data being readable as a coded reply. 

123. A method for unscrambling scrambled content before display, the scrambled 
content being digital data and the unscrambled content being displayed as an analog signal, the 
method comprising: 

unscrambling the scrambled content to form unscrambled content as digital data; 


converting said unscrambled content from digital data to an analog signal, such that 

unscrambling and converting are performed immediately before said analog signal is 
displayed; and displaying said analog signal; wherein unscrambling and converting are 
performed at physically separated locations connected by a secure channel. 

124. A method for seciare distribution of digital content between end user devices, 
comprising: 

receiving scrambled digital content by a first end user device; 

receiving a permission message for unscrambling said scrambled digital content by said 
first end user device; 

transferring said scrambled digital content directly from said first end user device to a 

second end user device; and 
unscrambling said scrambled digital content by said second end user device only after 

said permission message is activated for said second end user device. 

125. The method of claim 124, wherein at least said second end user device is in 
communication with a control center and said permission message is activated for said second 
end user device by said control center. 

126. The method of claim 124, wherein said first and said second end user devices 
belong to a group of a plurality of end user devices, such that said permission message is sent to 
each end user device belonging to said group. 

127. The method of claim 126, wherein membership in said group is at least partially 
determined according to commianication between said end user devices. 

128. The method of claim 127, wherein receiving said permission message further 
comprises transmitting a token from said first end user device to said second end user device, for 
including said first and said second end user devices in said group. 

129. The method of claim 128, wherein transmitting said token is performed repeatedly 


for the plurality of end user devices in the group until a limit is reached. 

130. The method of claim 129, wherein said limit is determined according to a number 
of end user devices in the group, such that if said number of end user devices exceeds a 
maximum permitted number, receiving and transferring are not performed for an additional end 
user device. 

131. The method of claim 130, wherein said limit is determined according to at least 
one reasonableness rule. 

132. The method of claim 129, wherein said limit is determined according to at least 
one reasonableness rule and wherein said at least one reasonableness rule restricts a number of 
copies of said scrambled digital content operable with said PECM. 

133. The method of claim 1 32, wherein when said limit is reached, at least one of 
receiving and transferring is not performed. 

134. The method of claim 132, wherein said at least one reasonableness rule requires at 
least said first end user device to wait for a predetermined period before transferring said 
scrambled digital content to an additional end user device in the group. 

135. The method of claim 132, wherein said at least one reasonableness rule requires 
said second end user device to wait for a predetermined period before transferring said scrambled 
digital content to an additional end user device in the group, said predetermined period being 
greater for said second end user device than for said first end user device. 

136. The method of claim 132, wherein said period is at least partially determined 
according to a period of time. 

137. The method of claim 132, wherein said period is at least partially determined 
according to operation of said end user device a minimum number of times. 

138. The method of claim 125, wherein membership in said group is at least partially 


determined according to said control center, such that if said group has more than a 
predetermined number of end user devices as members, said control center blocks receipt of said 
permission message by members of said group. 


139. The method of claim 1 24, wherein xmscrambling comprises: 
purchasing the digital content; and 

activating said permission message for said second end user device. 


140. The method of claim 124, wherein said permission message is operative only by 
said first end user device, such that if said permission message is transferred to said second end 
user device by said first end user device, said permission message cannot be used by said second 
end user device. 


141 . A secure precision digital to analog converter, comprising; 

(a) an encryption engine; 

(b) a digital to analog converter for accepting input from said encryption engine for 
performing digital to analog conversion, said input including encrypted digital 
content and a key for decrypting said encrypted digital content; and 

(c) a secure channel for coimecting said encryption engine to said digital to analog 
converter, wherein said encryption engine is physically separated from said 
digital to analog converter. 

142. The converter of claim 141, wherein said digital to analog converter further 
comprises: 

(i) a plurality of weighted resistors; and 

(ii) a plurality of control registers for controlling a weight of each resistor, said 
plurality of control registers determining said weight according to said key. 


143 . The converter of claim 1 42, wherein at least one weight of said weighted resistors 
is a fi-actional weight. 

144. The converter of claim 141, further comprising an additional channel for 
transferring said encrypted digital content, such that said secure channel transfers said key. 


145. The converter of claim 144, wherein said additional channel and said secure 
channel share identical physical lines. 

146. A method for secure transmission of scrambled content to an end user device, the 
scrambled content comprising digital data, the method comprising: 

transmitting the scrambled content to the end user device; 
receiving a permission message by the end user device; 

unscrambling the scrambled content to form unscrambled content as digital data only 

after receiving said permission message by the end user device; 
converting said unscrambled content'to rescrambled content; 

unscrambling said rescrambled content when converting said content jfrom digital data to 
an analog signal, such that receiving and unscrambling are performed 
immediately before said analog signal is displayed; and 

displaying said analog signal, 

147. A secure precision digital to analog converter. 

148. A method for securely and precisely converting scrambled data to a final format 
for display, performed within a secure device, the method comprising: 

completely unscrambling the scrambled data to an unscrambled format of data; and 
immediately converting said data in said vmscrambled format to the final format for 

display, such that unscrambling and converting are performed within the secure 
device, and such that said data in said imscrambled format is inaccessible 
externally to the secure device. 

149. The method of claim 148, wherein converting scrambled data to the final format 
for display includes conversion of digital data to an analog signal. 

150. The method of claim 148, wherein unscrambling further comprises: 
receiving the scrambled data; 

unscrambling the scrambled data to a first unscrambled data; 
rescrambling said first unscrambled data to form rescrambled data; and 


mscrambling said rescrambled data to form said data in said unscrambled format of data. 

151. The method of claim 150, wherein the scrambled data is distributed to a plurality 
of secure devices, and wherein rescrambling and unscrambling are performed according to a 
different scheme by each secure device. 

1 52. The method of claim 151, wherein rescrambling said first unscrambled data to 
form said rescrambled data is performed differently by each secure device for each unscrambling 
operation. 

153. In a system for secure distribution of digital content, the system comprising a 
control center for distributing at least one key for unscrambling scrambled digital content and an 
end user device for receiving the scramble digital content, a method for providing temporary 
access to received scrambled digital content, the method comprising: 

sending a temporary key from the control center to the end user device, said temporary key 

being valid for a limited period of time; 
receiving the scrambled digital content by the end user device; and 
unscrambling the scrambled digital content by the end user device according to said 

temporary key, such that the end user device is only permitted to unscramble the 
scrambled digital content while said temporary key is valid. 

1 54. The method of claim 153, further comprising: 

receiving a permanent key by the end user device from the control center; 
replacing said temporary key with said permanent key; and 

unscrambling the scrambled digital content by the end user device according to said 
permanent key, such that the end user device has permanent access to the 
scrambled digital content. 

155. A method for securing digital content for transmission to a plurality of end user 
devices, said plurality of end user devices being members of a group, the method comprising: 

transmitting scrambled digital content to a first end user device, such that said first end 

user device cannot play back said scrambled digital content; 
transmitting a PECM (personal ECM) to said first end user device, said PECM being 


specific to the group of end user devices; 
transmitting said scrambled digital content from said first end user device to a second end 

user device, such that said second end user device cannot play back said 

scrambled digital content; 
transmitting said PECM (personal CM) to said second end user device; and 
unscrambling said scrambled digital content by said first and said second end user devices 

according to said PECM. 

156. The method of claim 155, wherein a control center controls access to the digital 
content by the group of end user devices, and wherein said PECM is sent at least to said first end 
user device by said control center. 

1 57. The method of claim 155, wherein said PECM is sent from said first end user 
device to said second end user device. 

158. The method of claim 155, wherein transmitting said scrambled digital content and 
transmitting said PECM are performed repeatedly for the plurality of end user devices in the 
group until a limit is reached. 

159. The method of claim 158, wherein said limit is determined according to a number of 
end user devices in the group, such that If said number of end user devices exceeds a I maximum 
permitted number, transmitting said scrambled digital content and transmitting said PECM are 
not performed for an additional lend user device. 

1 60. The method of claim 1 59, wherein said limit is determined according to at least 
one reasonableness rule. 

161. The method of claim 158, wherein said Umit is determined according to at least one 
reasonableness rule and wherein said ate least one reasonableness rule restricts a number of 
copies of said scrambled digital content operable with said PECM. 

1 62. The method of claim 161, wherein when said limit is reached, at least one of 
transmitting said scrambled digital content end transmitting said PECM is not performed. 


1 63 . The method of claim 1 62, wherein said at least one reasonableness rule requires at 
least said first end user device to wait for a predetermined period before transferring said 
scrambled digital content to an additional d user device in the group. 

1 64. The method of claim 1 63, wherein said period is at least partially determined 
according to a period of time. 

1 65. The method of claim 1 63, wherein said period is at least partially determined 
according to operation of said end user device a minimum number of times. 


